Hello,
> hmm I see.
> - ssh/rsa.c:rsa_alive() calls RSA_generate_key()
> - RSA_generate_key() calls BN_generate_prime()
> - BN_generate_prime() calls BN_rand() via probable_prime()
> - BN_rand require us to have kernel random number device
> so openssh considers that we don't have RSA in the library.
Yup, I just recompiled a kernel with rnd activated for amiga and hp300, now
sshd starts up without any problems supporting version 1.5 and 2 of the
protocol.
> similarly, DH_generate_key() does not work if there's no random number
> device.
>
> I'm not sure if it is safe to allow userland-generated pseudo random
> number. it looks intentional. all I can do with confidence is to
> improve error message from ssh/sshd, to warn that you don't have random
> number device.
Yup, it should be somewhere documented - especially as sshd says to look
for ssl(8) which seems does not exist on at least 1.5_ALPHA2.
Greets
Thorsten